Save Ransomware
The Save Ransomware is a newly uncovered file-encrypting Trojan. When cybersecurity researchers studied this ransomware threat, they discovered that it belongs to the notorious Dharma Ransomware family.
Infiltrating Your PC
Malware experts have been unable to pinpoint the exact method of propagation utilized in the spreading of the Save Ransomware. Some believe that mass spam email campaigns, alongside fraudulent application updates, and infected pirated software are among the infection vectors used in propagating this new data-locking Trojan. Once the Save Ransomware manages to infiltrate your PC, it will start the attack with a scan. The goal of scanning your system is to determine the locations of the files, which will be targeted for encryption. When this is completed, the Save Ransomware will start locking the data it was programmed to go after. Once a file goes through the encryption process of the Save Ransomware its name will be altered. The Save Ransomware adds an extension to the newly locked files – ‘.id-
The Ransom Note
In the next stage of the attack, the Save Ransomware drops its ransom note. If the authors of the Save Ransomware have stayed faithful to the naming patterns of most ransomware threats that belong to the Dharma Ransomware family, then it is highly likely that the ransom note is called ‘FILES ENCRYPTED.txt’ or ‘info.hta.’ The attackers do not mention a specific ransom fee, but they provide the victim with an email address – ‘seavays@aol.com.’ They expect users to contact them there so that they can receive further instructions.
The best approach is to keep your distance when it comes to cybercrooks. These are never trustworthy individuals. You also should look into obtaining a reputable anti-malware application, which will wipe off the Save Ransomware off your machine once and for all.
